Setting up this blog

Jan 9, 2019 12:02 · 388 words · 2 minute read tech

This blog is generated by hugo, a static site generator. My flow is to write it markdown files on my laptop, commit it to a git repository and push it to the machine that’s hosting the blog you’re reading. Once the push is successful, a post-commit hook runs hugo and generates HTML pages. Of course, the firewall needs to be configured and SSL certificates need to be provisioned. It wouldn’t be the same with the pretty green lock icon.

This works well for me, except if I brick my server by accident. For example, by experiencing a botched OS update. In that case, I need to set it up once more. This is a cheatsheet for me to get up and running quickly.

  1. Create/update DNS records for your domain
  2. Install hugo on prod.
    • root@prod $ wget the latest release from here, Linux x64
    • root@prod $ tar -xvzf hugo.tar
    • root@prod $ mv hugo /usr/bin
  3. Set up git server
    • root@prod $ mkdir blog.git
    • root@prod $ cd blog.git && git init --bare
    • krishnasr@mbp $ git clone git@gitlab.com:nindalf/blog.git
    • krishnasr@mbp $ cd blog
    • krishnasr@mbp $ git remote add vps root@139.59.84.126:blog.git
    • krishnasr@mbp $ git remote add all git@gitlab.com:nindalf/blog.git
    • krishnasr@mbp $ git remote set-url --add --push all root@139.59.84.126:blog.git
    • krishnasr@mbp $ git remote set-url --add --push all git@gitlab.com:nindalf/blog.git
    • krishnasr@mbp $ git push all
  4. Pull Git on server
    • root@prod $ git clone /root/blog.git/
  5. Set up post receive hook
    • root@prod $ cd /root/blog.git/hooks
    • root@prod $ vim post-receive and paste in the contents below
    • root@prod $ bash post-receive - test that it’s working correctly and generating the right output in the right folder
#!/bin/bash

WORKING_DIRECTORY=/root/blog
GIT_DIR=/root/blog/.git
PUBLIC_WWW=/var/www/html/blog

cd $WORKING_DIRECTORY
git fetch --all
git reset --hard origin/master
/usr/bin/hugo -s $WORKING_DIRECTORY -d $PUBLIC_WWW
trap - EXIT
  1. Set up ufw.
    • ufw default deny incoming
    • ufw default allow outgoing
    • ufw allow ssh
    • ufw allow 'Nginx Full'
    • ufw enable
    • ufw status
To                         Action      From
--                         ------      ----
Nginx Full                 ALLOW       Anywhere
22/tcp                     ALLOW       Anywhere
22                         ALLOW       Anywhere
Nginx Full (v6)            ALLOW       Anywhere (v6)
22/tcp (v6)                ALLOW       Anywhere (v6)
22 (v6)                    ALLOW       Anywhere (v6)
  1. Set up nginx.
    • apt-get install nginx
    • vim /etc/nginx/sites-available/default
    • server_name blog.nindalf.com nindalf.com www.nindalf.com
  2. Set up certificates
    • add-apt-repository ppa:certbot/certbot
    • apt-get update
    • apt-get install python-certbot-nginx
    • certbot --nginx -d blog.nindalf.com -d nindalf.com -d www.nindalf.com
    • Follow interactive tutorial

More context

Shoutout to the great tutorials on DigitalOcean!